CVE-2017-0259

MEDIUM

Windows Kernel - Information Disclosure via Crafted Document

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0259. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates an information leak vulnerability in the Windows kernel (CVE-2017-0259) by triggering the nt!NtTraceControl system call to disclose uninitialized pool memory. The PoC iterates through event handles to find a valid one and prints the leaked memory contents.

Description

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0258.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · c++doswindows

https://www.exploit-db.com/exploits/42007

View Code ZIP pw:eip

This exploit demonstrates an information leak vulnerability in the Windows kernel (CVE-2017-0259) by triggering the nt!NtTraceControl system call to disclose uninitialized pool memory. The PoC iterates through event handles to find a valid one and prints the leaked memory contents.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows 10 (kernel)

Auth required

Prerequisites: Local access to a vulnerable Windows 10 system · Special Pools mechanism enabled for ntoskrnl.exe

MITRE ATT&CK

T1069 - Permission Groups Discovery T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/98113

Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0259

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42007/

Scores

CVSS v3 4.7

EPSS 0.0318

EPSS Percentile 87.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (9)

microsoft/windows_10

microsoft/windows_10 1511

microsoft/windows_10 1607

microsoft/windows_10 1703

microsoft/windows_8.1

microsoft/windows_rt_8.1

microsoft/windows_server_2012 r2

microsoft/windows_server_2016

Microsoft Corporation/Microsoft Windows Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, an

Published May 12, 2017

Tracked Since Feb 18, 2026